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Sir: 



This Appeal Brief is submitted in triplicate in support of an Appeal of the Examiner's 
final rejection of claims 1-3 and 31-45 in the above-identified application. A Notice of Appeal 
was filed in this case on June 16, 2004 and received in the patent office on June 21, 2004. Please 
charge the fee of $320.00 due under 37 C.F.R. § 1.17(c) for filing the brief, as well as any 
additional required fees, to IBM Deposit Account No. 09-0457. 
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REAL PARTY IN INTEREST 

The real party in interest in the present Appeal is International Business Machines 
Corporation, the Assignee of the present application as evidenced by the Assignment recorded at 
reel 01 1 152 and frame 05 12 et. seq. of the USPTO assignment records. 

RELATED APPEALS AND INTERFERENCES 

No appeals or interferences are known to Appellants, the Appellants' legal representative, 
or assignee, which will directly affect or be directly affected by or have a bearing on the Board's 
decision in the present appeal. 

STATUS OF CLAIMS 

Claims 1-30 were originally presented. Claims 1-3 were amended, claims 4-30 were 
cancelled, and claims were 31-45 added as reflected in the Amendment filed January 12, 2004. 
Claims 1-3 and 31-45 stand finally rejected by the Examiner as noted in the Final Office Action 
dated April 2, 2004. The rejection of each pending claim is appealed. 

STATUS OF AMENDMENTS 

No amendment to the claims was proposed or entered subsequent to the Final Rejection 
dated April 2, 2004. 

SUMMARY OF THE INVENTION 

The present invention is directed to a method, system, and computer program product for 
improving dispatching of Socks network traffic. As explained on page 8 et seq., Socks 
connectivity provides secure encapsulation of network traffic having an underlying Application 
Level protocol (i.e., protocol such as HTTP, FTP, Telnet, etc.) that determines the subsequent 
flow of information exchange after a Socks connection is established. A Socks server is a proxy 
server that accepts requests from clients in a protected intranet and forwards these across the 
Internet. As depicted in Figure 4 and explained on page 9 et seq., prior art Socks transport often 
employs a dispatcher function to balance the load across multiple Socks servers. The present 
invention recognizes that such load balancing which does not account for the underlying 
Application Level protocol results in a significant penalty in terms of interfering with the 
intended transport characteristics of the connection as per its Application Level protocol. 

Figure 6 depicts a dispatcher system 615 that selectively dispatches IP datagrams to 
multiple Socks servers 603 in accordance with Application Level protocol related Type of 
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Service (TOS) values encoded into the datagrams m accordance with the invention. The system 
is adapted to implement the method depicted in Figure 9, which at step 905 depicts determining 
whether or not a given IP datagram is a Socks connect message, and if so, determining the 
Application Level protocol from transport data in the IP datagram (step 907). The Socks connect 
determination is therefore used to decide whether or not a new connection table record for a new 
connection is required, and if so, to set the TOS value of the datagram in accordance with the 
underlying Application Level protocol. 

ISSUE 

The rejection of claims 1-3 and 31-45 under 35 U.S.C. § 103(a) as unpatentable over U.S. 
Pat. No. 6,477,577 issued to Asano (hereinafter Asano) in view of U.S. Pat. No. 5,892,903 issued 
to Klaus (hereinafter Klaus). 

GROUPING OF THE CLAIMS 

For purposes of this Appeal, all of the pending claims stand or fall together as a single 

group. 

ARGUMENT 

The present appeal is filed in response to the Final Office Action dated April 2, 2004, in 
which claims 1-3 and 31-45 of Appellants 1 application stand rejected under 35 U.S.C. § 103(a) as 
unpatentable over Asano in view of Klaus. That rejection is not well founded and should be 
reversed because the combination of Asano and Klaus does not teach or suggest each feature 
recited in the present claims as required for a rejection under 35 U.S.C. § 103(a). 

Independent claims 1, 34, and 40 include fundamental limitations that are neither 
disclosed nor suggested by Asano and Klaus individually or in combination. Namely, each of 
the independent claims 1, 34, and 40 (represented in the following discussion by claim 1) 
includes a first element of determining whether or not a given IP datagram is a socks connect 
message followed by steps performed responsive to determining that the datagram is a socks 
connect message. Exemplary of the independent claims, claim 1 recites a method for setting a 
value in a type of service (TOS) field in an Internet Protocol (IP) datagram comprising in part: 

"determining whether or not said IP datagram is a socks connect message;" 

"in response to a determination that said IP datagram is a socks connect message, 
determining from said IP datagram an Application Level protocol (ALP) 

transported by a socks connection; 
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locating from a type of service (TOS) definition table a record corresponding to 
said ALP of said IP datagram; and 

determining from said located record a TOS value; and 
subsequently writing said determined TOS value into said TOS field of said IP datagram, 
wherein said TOS value is based on said ALP transported by said socks connection." 

As contended in the Response under 35 CFR 1.116 filed on April 15, 2004 in response to 
the Final Office Action, Asano does not disclose or suggest any step or element for determining 
whether or not a given EP datagram is a socks connect message. In the Final Office Action on 
page 2, item 2, the Examiner asserts that such a determination is disclosed at col. 6, lines 58-67. 
In fact, no such determination of the character of a particular IP datagram as being a socks 
connect message is disclosed in this passage or anywhere in the Asano reference. Instead the 
passage at col. 6, lines 58-67 describes use of a socks server record to contain connection 
substitute server information when the connection substitute server is a socks server. 

While processing for determining (recognizing) a socks connect message is known in the 
art, the absence of any discussion in Asano of any such determination is logically indicative of 
the consequent absence of any disclosure by Asano of any steps whatsoever performed in 
response to such a determination. On page 2, item 2, of the Final Office Action, the Examiner 
asserts that at col. 9, lines 32-44, Asano further discloses such responsive steps including, 
"determining from said located record a TOS value; and subsequently writing said determined 
TOS value into said TOS field of said IP datagram, wherein said TOS value is based on said 
ALP transported by said socks connection." The disclosure at col. 9, lines 32-44 clearly relates 
to host-specific IP addressing and not to the Application Level protocol TOS categorization (e.g. 
HTTP versus FTP categorization) and therefore does not disclose or suggest the foregoing steps. 
Furthermore, none of the actions described at col. 9, lines 32-44 or anywhere else in Asano are 
precipitated by a determination of whether or not a particular IP datagram is a socks connect 
message. 

CONCLUSION 

Because the combination of Asano and Klaus does not disclose or suggest a method or 
system for setting a TOS value in an IP datagram in which the underlying ALP is identified and 
utilized to set a TOS value for the datagram as recited by the foregoing techniques, the rejections 
of exemplary claim 1, and analogous system and computer program product claims 34 and 40, 
and their respective dependent claims under 35 U.S.C. § 103(a) should be reversed. 
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APPENDIX 



1. A method for setting a value within a type of service (TOS) field in an Internet Protocol 
(IP) datagram, wherein said IP datagram being sent from a source application that resides within 
a source device to a destination application that resides within a destination device, said method 
comprising: 

determining whether or not said IP datagram is a socks connect message; 

in response to a determination that said IP datagram is a socks connect message, 

determining from said IP datagram an Application Level protocol (ALP) 

transported by a socks connection; 

locating from a type of service (TOS) definition table a record corresponding to 
said ALP of said IP datagram; and 
determining from said located record a TOS value; and 
subsequently writing said determined TOS value into said TOS field of said IP datagram, 
wherein said TOS value is based on said ALP transported by said socks connection. 

2. The method of Claim 1, wherein said IP datagram includes an IP header having a source 
IP address field and a destination IP address field, wherein said IP datagram further includes a 
source port field and a destination port field, wherein said method further includes: 

reading a source device address of said source device from said source IP address field; 

reading a destination device address of said destination device address from said 
destination IP address field; 

reading a source application address of said source device from said source port field; 

reading a destination application address of said destination device from said destination 
port field. 

3. The method of Claim 1 wherein said IP datagram includes a header checksum field, 
wherein said writing said determined TOS value further includes: 

computing a header checksum value for said IP datagram according to said TOS value; 

and 

writing said computed header checksum value into said header checksum field. 
Claims 4-30 is canceled. 

31. The method of Claim 1, wherein said method further includes storing in a socks 
connection table a new entry containing said TOS value. 
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32. The method of Claim 1, wherein said determining whether or not said IP datagram is a 
socks connect message is performed by a socks traffic analyser component within associated 
with said source device. 

33. The method of Claim 1, wherein said writing said determined TOS value is performed by 
a socks TOS finder component within associated with said source device. 

34. A system for setting a value within a type of service (TOS) field in an Internet Protocol 
(IP) datagram, wherein said IP datagram being sent from a source application that resides within 
a source device to a destination application that resides within a destination device, said system 
comprising: 

means for determining whether or not said IP datagram is a socks connect message, 
in response to a determination that said IP datagram is a socks connect message, 

means for determining from said IP datagram an Application Level protocol 

(ALP) transported by a socks connection; 

means for locating from a type of service (TOS) definition table a record 
corresponding to said ALP of said IP datagram; and 
determining from said located record a TOS value; and 

means for subsequently writing said determined TOS value into said TOS field of 
said IP datagram, wherein said TOS value is based on said ALP transported by said socks 
connection. 

35. The system of Claim 34, wherein said IP datagram includes an IP header having a source 
IP address field and a destination IP address field, wherein said IP datagram further includes a 
source port field and a destination port field, wherein said system further includes: 

means for reading a source device address of said source device from said source IP 
address field; 

means for reading a destination device address of said destination device address from 
said destination IP address field; 

means for reading a source application address of said source device from said source 
port field; 

means for reading a destination application address of said destination device from said 
destination port field. 




36. The system of Claim 34, wherein said IP datagram includes a header checksum field, 
wherein said writing said determined TOS value further includes: 

means for computing a header checksum value for said IP datagram according to said 
TOS value; and 

means for writing said computer header checksum value into said header checksum field. 

37. The system of Claim 34, wherein said system further includes means for storing in a 
socks connection table a new entry containing said TOS value. 

38. The system of Claim 34, wherein said means for determining whether or not said IP 
datagram is a socks connect message is a socks traffic analyser component within associated 
with said source device. 

39. The system of Claim 34, wherein said means for writing said determined TOS value is a 
socks TOS finder component within associated with said source device. 

40. A computer program product for setting a value within a type of service (TOS) field in an 
Internet Protocol (IP) datagram, wherein said IP datagram being sent from a source application 
that resides within a source device to a destination application that resides within a destination 
device, said computer program product comprising: 

program code means for determining whether or not said DP datagram is a socks connect 
message; 

in response to a determination that said IP datagram is a socks connect message, 

program code means for determining from said IP datagram an Application Level 
Protocol (ALP) transported by a socks connection; 

program code means for locating from a type of service (TOS) definition table a 
record corresponding to said ALP of said IP datagram; and 
determining from said located record a TOS value; and 
program code means for subsequently writing said determined TOS value into said TOS 

field of said IP datagram, wherein said TOS value is based on said ALP transported by said 

socks connection. 
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41. The computer program product of Claim 40, wherein said IP datagram includes an IP 
header having a source IP address field and a destination IP address field, wherein said IP 
datagram further includes a source port field and a destination port field, wherein said computer 
program product further includes: 

program code means for reading a source device address of said source device from said 
source IP address field; 

program code means for reading a destination device address of said destination device 
address from said destination IP address field; 

program code means for reading a source application address of said source device from 
said source port field; 

program code means for reading a destination application address of said destination 
device from said destination port field. 

42. The computer program product of Claim 40, wherein said IP datagram includes a header 
checksum field, wherein said writing said determined TOS value further includes: 

program code means for computing a header checksum value for said IP datagram 
according to said TOS value; and 

program code means for writing said computed header checksum value into said header 
checksum field. 

43. The computer program product of Claim 40, wherein said computer program product 
further includes program code means for storing in a socks connection table a new entry 
containing said TOS value. 

44. The computer program product of Claim 40, wherein said program code means for 
determining whether or not said IP datagram is a socks connect message is a socks traffic 
analyser component within associated with said source device. 

45. The computer program product of Claim 40, wherein said program code means for 
writing said determined TOS value is a socks TOS finder component within associated with said 
source device. 
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